feat: add reusable wireguard-client NixOS module
- modules/nixos/services/wireguard-client.nix — optional module under
gortium.wireguard-client namespace with enable, vpnIp, privateKeyFile,
and presharedKeyFile options
- Added to lazyworkhorse, cyt-pi, and uconsoleBaseModules (covers both
uconsole-cm5 toplevel and SD image)
- Migrated lazyworkhorse from inline networking.wireguard to module
- Split-tunnel: allowedIPs = [ "10.8.0.0/24" ]
Usage in a host config:
gortium.wireguard-client = {
enable = true;
vpnIp = "10.8.0.X/24";
privateKeyFile = config.age.secrets.wireguard_private_key.path;
presharedKeyFile = config.age.secrets.wireguard_preshared_key.path;
};
This commit is contained in:
@@ -112,6 +112,7 @@
|
||||
agenix.nixosModules.default
|
||||
./hosts/uconsole-cm5/configuration.nix
|
||||
./hosts/uconsole-cm5/hardware-configuration.nix
|
||||
./modules/nixos/services/wireguard-client.nix
|
||||
./users/gortium/gortium.nix
|
||||
./users/ai-worker/ai-worker.nix
|
||||
];
|
||||
@@ -133,6 +134,7 @@
|
||||
./hosts/lazyworkhorse/hardware-configuration.nix
|
||||
./modules/nixos/filesystem/hoardingcow-mount.nix
|
||||
./modules/nixos/services/docker_manager.nix
|
||||
./modules/nixos/services/wireguard-client.nix
|
||||
./modules/nixos/services/ollama_init_custom_models.nix
|
||||
./modules/nixos/security/ai-worker-restricted.nix
|
||||
./users/gortium/gortium.nix
|
||||
@@ -151,6 +153,7 @@
|
||||
}
|
||||
./hosts/cyt-pi/configuration.nix
|
||||
./hosts/cyt-pi/hardware-configuration.nix
|
||||
./modules/nixos/services/wireguard-client.nix
|
||||
./users/gortium/gortium.nix
|
||||
];
|
||||
};
|
||||
|
||||
Reference in New Issue
Block a user